package com.exposit.zbs.controller;

import com.exposit.zbs.model.Role;
import com.exposit.zbs.model.User;
import com.exposit.zbs.service.IUserService;
import com.exposit.zbs.utils.MessageDigestHelper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.validation.Valid;


/**
 * @author Andrey
 */
@Controller
@RequestMapping("")
public class LoginController {

	@Autowired
	private IUserService userService;

	@RequestMapping(value = {"", "/", "/login"}, method = {RequestMethod.GET})
	public String login(String error, Model model) {

		model.addAttribute("error", error);
		return "login";
	}

	@RequestMapping(value = "/login", method = {RequestMethod.POST})
	public ModelAndView login(@RequestParam(value = "userLogin", required = true) String userLogin, @RequestParam(value = "userPassword", required = true) String userPassword, HttpServletRequest request, HttpSession session) {

		ModelAndView mav = new ModelAndView();

		User user = userService.getUserbyLogin(userLogin);
		String userPassHash = MessageDigestHelper.getMd5(userPassword);
		if (user != null && user.getUserPassHash().equals(userPassHash)) {
			session.setAttribute("sessionUser", user);
			mav = new ModelAndView("redirect:/profile/" + user.getUserId());
		} else {
			mav.addObject("error", "Invalid username or password!");
			mav.setViewName("login");
		}

		return mav;
	}

	@RequestMapping(value = "/logout")
	public ModelAndView logout(HttpSession session) {

		ModelAndView model = new ModelAndView();
		model.setViewName("login");

		session.setAttribute("userSession", null);
		session.invalidate();

		return model;
	}

	@RequestMapping(value = "/register", method = {RequestMethod.GET})
	public String register(HttpSession session, Model model) {

		model.addAttribute("user", new User());
		return "register";
	}

	@RequestMapping(value = "/register", method = {RequestMethod.POST})
	public ModelAndView register(@Valid User user, BindingResult result, @RequestParam(value = "userPassHashRepeat", required = true) String userPassHashRepeat, HttpServletRequest request, HttpSession session) {  //TODO Validate fields!!!!!
		ModelAndView mav = new ModelAndView();
		if (user.getUserPassHash().equals(userPassHashRepeat) && !result.hasErrors() && !userService.checkUserExist(user)) {
			mav = new ModelAndView("redirect:/login");
			mav.addObject("message", "Registration complete! Please sign in with you new credentials!");
			user.setRole(new Role(1, "ROLE_USER"));
			userService.saveUser(user);
		} else {
			mav.addObject("error", "Errors in registration, maybe login or e-mail already exist.");
			mav.setViewName("register");

		}


		return mav;
	}
}